Vulnerabilities > Microsoft > Windows Media Player > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-03-31 | CVE-2014-2671 | Buffer Errors vulnerability in Microsoft Windows Media Player 11.0.5721.5230 Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted WAV file. | 6.8 |
2010-03-23 | CVE-2010-1042 | Remote Memory Corruption vulnerability in Microsoft Windows Media Player AVI File Colorspace Conversion Microsoft Windows Media Player 11 does not properly perform colorspace conversion, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .AVI file. network microsoft | 4.3 |
2010-02-26 | CVE-2010-0718 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Windows Media Player 11.0.5721.5145/9 Buffer overflow in Microsoft Windows Media Player 9 and 11.0.5721.5145 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted .mpg file. | 4.3 |
2008-12-29 | CVE-2008-5745 | Numeric Errors vulnerability in Microsoft Windows Media Player 10/11/9 Integer overflow in quartz.dll in the DirectShow framework in Microsoft Windows Media Player (WMP) 9, 10, and 11, including 11.0.5721.5260, allows remote attackers to cause a denial of service (application crash) via a crafted (1) WAV, (2) SND, or (3) MID file. | 4.3 |
2008-11-04 | CVE-2008-4927 | Improper Input Validation vulnerability in Microsoft Windows Media Player 10/11/9 Microsoft Windows Media Player (WMP) 9.0 through 11 allows user-assisted attackers to cause a denial of service (application crash) via a malformed (1) MIDI or (2) DAT file, related to "MThd Header Parsing." NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 4.3 |
2007-12-04 | CVE-2007-6236 | Numeric Errors vulnerability in Microsoft Windows Media Player 11 Microsoft Windows Media Player (WMP) allows remote attackers to cause a denial of service (application crash) via a certain AIFF file that triggers a divide-by-zero error, as demonstrated by kr.aiff. | 5.0 |
2007-08-14 | CVE-2007-3037 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Windows Media Player Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that causes a size mismatch between compressed and decompressed data and triggers a heap-based buffer overflow, aka "Windows Media Player Code Execution Vulnerability Parsing Skins." | 4.0 |
2006-12-13 | CVE-2006-4702 | Remote ASF File Buffer Overflow vulnerability in Microsoft products Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file. network microsoft | 6.8 |
2005-10-12 | CVE-2005-2128 | Buffer Overflow vulnerability in Microsoft Windows Media Player 9 QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value. | 5.0 |
2004-12-18 | CVE-2004-1325 | Unspecified vulnerability in Microsoft Windows Media Player 9 The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns a 0 if the file does not exist and the size of the file if the file exists, which allows remote attackers to determine the existence of files on the local system. | 5.0 |